Hackers Can Use The Flipper Zero To Unlock Cars, But The Device Itself Isn't The Problem

Amber DaSilva / Jalopnik

The Flipper Zero is mired successful contention again. The physics multitool, pinch its array of various antennas, has agelong been demonized for simply existing — nan Canadian authorities has moreover talked astir banning it entirely owed to a theorized but then-unproven nexus to car thefts. Now, an investigation from 404 Media has revealed an underground marketplace of Flipper package designed to break into modern cars, but there's a catch: The Flipper itself still isn't nan problem, because nan problem lies pinch nan cars and keys themselves. 

This caller onslaught method defeats modern cars' usage of rolling codes, unsocial information a keyfob sends connected each relationship pinch nan car, and it starts by intercepting a genuine transmission from a keyfob — overmuch for illustration a relay attack. Unlike a relay onslaught though, wherever that genuine transmission is artificially range-extended to summation entree to a car without nan driver successful proximity, this caller attack uses nan existent keyfob's accusation to reverse-engineer nan algorithm pinch which nan unsocial information is calculated. With that algorithm successful hand, a instrumentality pinch nan due antenna tin enactment arsenic its own, afloat independent key, moreover going truthful acold arsenic to desynchronize nan car's genuine keyfob successful favour of nan impostor. That impostor tin beryllium a Flipper Zero, a Raspberry Pi, and apt plentifulness much devices. 

Amber DaSilva / Jalopnik

The rumor present isn't nan beingness of a handheld instrumentality pinch a power antenna, it's nan truth that nan malicious actors processing nan package for those devices person entree to automakers' root code. Rolling codes are meant to forestall these types of attacks, by generating caller codes connected each interaction, but that information disappears erstwhile hackers cognize really nan codification is generated — simply knowing 1 codification seems to beryllium capable to tally nan algorithm backmost and cognize what nan adjacent introduction successful nan series will be. At that point, nan instrumentality transmitting nan codification is trivial. Flipper Zero, Raspberry Pi, laptop, it genuinely doesn't matter. 

The Flipper Zero, for illustration nan Raspberry Pi, has plentifulness of genuine uses. I personally ain one, and it acts arsenic everything from a TV distant to a Tamagotchi for maine — I've moreover had a friend usage their Flipper to transcript their apartment's cardinal fob to nonstop me, truthful my instrumentality could unlock their doorway erstwhile I visited for a fewer days. The Flipper has ne'er been nan problem pinch automotive security, nan problem is that automakers' information codification has either leaked to aliases been reverse-engineered by malicious actors.